gnupg: Update to v2.5.19

gnupg/0001-gpg-accept-subkeys-with-a-good-revocation-but-no-sel.patch → gnupg/0002-gpg-accept-subkeys-with-a-good-revocation-but-no-sel.patch

@@ -1,8 +1,8 @@
-From b57d410c6d8fbfb5e9c87646d9c8fd44e4ce11d8 Mon Sep 17 00:00:00 2001
+From aadb053a5465d66ae881639c46aecc581a1fe1aa Mon Sep 17 00:00:00 2001
 From: Vincent Breitmoser <look@my.amazin.horse>
 Date: Thu, 13 Jun 2019 21:27:43 +0200
-Subject: [PATCH] gpg: accept subkeys with a good revocation but no self-sig
- during import
+Subject: gpg: accept subkeys with a good revocation but no self-sig during
+ import
 
 * g10/import.c (chk_self_sigs): Set the NODE_GOOD_SELFSIG flag when we
 encounter a valid revocation signature. This allows import of subkey
@@ -20,14 +20,17 @@ Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
  1 file changed, 1 insertion(+)
 
 diff --git a/g10/import.c b/g10/import.c
-index ba62d2322..fa4d417ad 100644
+index ea3ba2991..5d27d8b66 100644
 --- a/g10/import.c
 +++ b/g10/import.c
-@@ -3905,6 +3905,7 @@ chk_self_sigs (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid, int *non_self)
+@@ -3890,6 +3890,7 @@ chk_self_sigs (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid, int *non_self)
                    /* It's valid, so is it newer? */
                    if (sig->timestamp >= rsdate)
                      {
 +                      knode->flag |= NODE_GOOD_SELFSIG; /* Subkey is valid.  */
                        if (rsnode)
                          {
                            /* Delete the last revocation sig since
+-- 
+2.43.0
+

gnupg/0002-gpg-allow-import-of-previously-known-keys-even-witho.patch → gnupg/0003-gpg-allow-import-of-previously-known-keys-even-witho.patch

@@ -1,7 +1,7 @@
-From d74a2faf0db5d4db8dc23fe3813f707e5fa8bbb2 Mon Sep 17 00:00:00 2001
+From b987d2750496f481baa7c2e557427af05e27eded Mon Sep 17 00:00:00 2001
 From: Vincent Breitmoser <look@my.amazin.horse>
 Date: Thu, 13 Jun 2019 21:27:42 +0200
-Subject: [PATCH] gpg: allow import of previously known keys, even without UIDs
+Subject: gpg: allow import of previously known keys, even without UIDs
 
 * g10/import.c (import_one): Accept an incoming OpenPGP certificate that
 has no user id, as long as we already have a local variant of the cert
@@ -18,18 +18,18 @@ Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
  1 file changed, 11 insertions(+), 34 deletions(-)
 
 diff --git a/g10/import.c b/g10/import.c
-index fa4d417ad..0eacdda7b 100644
+index c83f87360..df482d4a1 100644
 --- a/g10/import.c
 +++ b/g10/import.c
-@@ -2000,7 +2000,6 @@ import_one_real (ctrl_t ctrl,
+@@ -1996,7 +1996,6 @@ import_one_real (ctrl_t ctrl,
    int non_self_or_utk = 0;
    char pkstrbuf[PUBKEY_STRING_SIZE];
    int merge_keys_done = 0;
 -  int any_filter = 0;
    KEYDB_HANDLE hd = NULL;
 
    if (r_valid)
-@@ -2037,14 +2036,6 @@ import_one_real (ctrl_t ctrl,
+@@ -2033,14 +2032,6 @@ import_one_real (ctrl_t ctrl,
        log_printf ("\n");
      }
 
@@ -44,7 +44,7 @@ index fa4d417ad..0eacdda7b 100644
    if (screener && screener (keyblock, screener_arg))
      {
        log_error (_("key %s: %s\n"), keystr_from_pk (pk),
-@@ -2138,18 +2129,10 @@ import_one_real (ctrl_t ctrl,
+@@ -2134,18 +2125,10 @@ import_one_real (ctrl_t ctrl,
  	  }
      }
 
@@ -67,7 +67,7 @@ index fa4d417ad..0eacdda7b 100644
 
    /* Get rid of deleted nodes.  */
    commit_kbnode (&keyblock);
-@@ -2159,24 +2142,11 @@ import_one_real (ctrl_t ctrl,
+@@ -2155,24 +2138,11 @@ import_one_real (ctrl_t ctrl,
      {
        apply_keep_uid_filter (ctrl, keyblock, import_filter.keep_uid);
        commit_kbnode (&keyblock);
@@ -92,7 +92,7 @@ index fa4d417ad..0eacdda7b 100644
      }
 
    /* The keyblock is valid and ready for real import.  */
-@@ -2236,6 +2206,13 @@ import_one_real (ctrl_t ctrl,
+@@ -2234,6 +2204,13 @@ import_one_real (ctrl_t ctrl,
        err = 0;
        stats->skipped_new_keys++;
      }
@@ -106,3 +106,6 @@ index fa4d417ad..0eacdda7b 100644
    else if (err)  /* Insert this key. */
      {
        /* Note: ERR can only be NO_PUBKEY or UNUSABLE_PUBKEY.  */
+-- 
+2.39.5
+

gnupg/0004-gpg-drop-import-clean-from-default-keyserver-import-.patch → gnupg/0005-gpg-drop-import-clean-from-default-keyserver-import-.patch

@@ -1,7 +1,7 @@
-From df393819b9a040b183e1c7e8b9e42a97cb711f55 Mon Sep 17 00:00:00 2001
+From ef5f0200718533d7a1881cce09877d37402e7279 Mon Sep 17 00:00:00 2001
 From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
 Date: Mon, 15 Jul 2019 16:24:35 -0400
-Subject: [PATCH] gpg: drop import-clean from default keyserver import options
+Subject: gpg: drop import-clean from default keyserver import options
 
 * g10/gpg.c (main): drop IMPORT_CLEAN from the
 default opt.keyserver_options.import_options
@@ -22,29 +22,32 @@ Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
  2 files changed, 2 insertions(+), 3 deletions(-)
 
 diff --git a/doc/gpg.texi b/doc/gpg.texi
-index 7e80a293a..652003c27 100644
+index 501e075d2..b15f6110e 100644
 --- a/doc/gpg.texi
 +++ b/doc/gpg.texi
-@@ -2188,7 +2188,7 @@ are available for all keyserver types, some common options are:
+@@ -2191,7 +2191,7 @@ are available for all keyserver types, some common options are:
 
  @end table
 
 -The default list of options is: "self-sigs-only, import-clean,
 +The default list of options is: "self-sigs-only,
- repair-keys, repair-pks-subkey-bug, export-attributes". However, if
- the actual used source is an LDAP server "no-self-sigs-only" is
- assumed unless "self-sigs-only" has been explicitly configured.
+ repair-keys, repair-pks-subkey-bug, export-attributes,
+ update-before-send". However, if the actual used source is an LDAP
+ server "no-self-sigs-only" is assumed unless "self-sigs-only" has been
 diff --git a/g10/gpg.c b/g10/gpg.c
-index 28f47f80b..03298a295 100644
+index aab884d02..437afda03 100644
 --- a/g10/gpg.c
 +++ b/g10/gpg.c
-@@ -2485,8 +2485,7 @@ main (int argc, char **argv)
+@@ -2490,8 +2490,7 @@ main (int argc, char **argv)
  					    | IMPORT_REPAIR_PKS_SUBKEY_BUG
                                              | IMPORT_SELF_SIGS_ONLY
                                              | IMPORT_COLLAPSE_UIDS
 -                                            | IMPORT_COLLAPSE_SUBKEYS
 -                                            | IMPORT_CLEAN);
 +                                            | IMPORT_COLLAPSE_SUBKEYS);
      opt.keyserver_options.export_options = EXPORT_ATTRIBUTES;
-     opt.keyserver_options.options = 0;
+     opt.keyserver_options.options = KEYSERVER_UPDATE_BEFORE_SEND;
      opt.verify_options = (LIST_SHOW_UID_VALIDITY
+-- 
+2.43.0
+